package org.microsites.security;

import java.lang.reflect.Method;

import org.aopalliance.aop.Advice;
import org.aopalliance.intercept.MethodInterceptor;
import org.aopalliance.intercept.MethodInvocation;
import org.microsites.util.UserContext;
import org.springframework.aop.support.StaticMethodMatcherPointcutAdvisor;

public class SecuredAdvisor extends StaticMethodMatcherPointcutAdvisor implements MethodInterceptor {

	private static final long serialVersionUID = -5808413935008838032L;

	private UserContext userCtx;

	@Override
	public Object invoke(MethodInvocation mi) throws Throwable {
		if (!userCtx.isAuthenticated()) throw new AccessDeniedException();
		return mi.proceed();
	}

    @Override
    @SuppressWarnings("rawtypes")
	public boolean matches(Method method, Class cls) {
		return method.getAnnotation(Secured.class) != null;
	}

	@Override
	public Advice getAdvice() {
		return this;
	}

	public UserContext getUserCtx() {
		return userCtx;
	}

	public void setUserCtx(UserContext userCtx) {
		this.userCtx = userCtx;
	}

}
